Page Comparison

...

Forward emails as events to Event Console

Forwarding Method

You can select if you want to send the events to the Event Console or a remote syslog host. If you want to send the events to the local EC, we recommend using the spooling mechanism.

The check will store all collected events in one file in ~/var/mkeventd/spool using the spooling mechanism.

Code Block

language	bash
theme	RDark

OMD[mysite]:~$ ll ~/var/mkeventd/spool/

total 3600

-rw-rw---- 1 mysite mysite 79124 Dec 7 15:36 mysite_407343_1607351778

-rw-rw---- 1 mysite mysite 79124 Dec 7 15:37 mysite_408329_1607351841

Only process mails with matching subject

Use this option to not process all messages found in the inbox but only those whose subject matches the given regular expression. The text entered here is handled as a regular expression pattern. The pattern is matched from the beginning. Add a tailing $ to change it to a whole text match. The match is performed case-sensitive. Read more about regular expression matching in Checkmk in our official user guide.
.

You need to be aware that a subject field could contain line breaks. This is depending on your mail client and mail gateway. You could check the raw email to find out how many line breaks you have.

.
Now you can use regex platforms like regex101.com to create a regex.

.

For advanced debugging
.

Copy the plugin to the local path.

Code Block

language	bash
theme	RDark

OMD[mysite]:~/lib/nagios/plugins$ cp check_mail ~/local/lib/nagios/plugins/

.

Add a print for the subject.

Code Block

language	bash
theme	RDark

     for index, msg in sorted(mails.items()):
         subject = msg.get('Subject', 'None')
         print(subject)

.

Run the script manually.

Code Block

language	bash
theme	RDark

OMD[mysite]:~/lib/nagios/plugins$ ./check_mail --pwstore=6@17@password_1 '--fetch-protocol=IMAP' '--fetch-server=imap.strato.de' '--fetch-tls' '--fetch-port=993' '--fetch-username=user@provider.com' '--fetch-password=*************' '--connect-timeout=10' '--forward-ec' '--match-subject=.*Incident.*\n.*assigned' 
=?utf-8?Q?Incident_INC000000XXXX_has_bee?=
 =?utf-8?Q?n_assigned_to_your_group_'XXXX=
 =?utf-8?Q?XXXXX'_=XXXXX:_Comuni?=
 =?utf-8?Q?XXXXX_-_Priority:_Low?=
=?utf-8?Q?Incident_INC000000XXXX_has_bee?=
 =?utf-8?Q?n_assigned_to_your_group_'XXXX=
 =?utf-8?Q?XXXXX'_=XXXXX:_Comuni?=
 =?utf-8?Q?XXXXX_-_Priority:_Low?=
Forwarded 2 messages to event console | messages=2

Events: Syslog facility
- Use this syslog facility for all created events.
Events: Hostname
- Use this hostname for all created events instead of the mail server's name.
Limit the length of the mail body.
- When forwarding mail from the mailbox to the event console, the body of the mail is limited to the given number of characters.
Cleanup messages
- The handled messages (see subject matching) can be cleaned up by deleting them or moving them to a subfolder. By default, nothing is cleaned up.

...

Code Block

language	bash
theme	RDark
title	~/var/log/mkeventd.log

2020-12-07 12:51:18,078 [20] [cmk.mkeventd.EventServer] Processing message '<21>Dec 7 12:51:17 localhost Checkmk EC: Checkmk EC|Email to EC of Checkmk!'

2020-12-07 12:51:18,079 [20] [cmk.mkeventd.EventServer] Parsed message:

application: Checkmk EC

core_host:

facility: 2

host: localhost

host_in_downtime: False

ipaddress:

pid: 0

priority: 5

text: Checkmk EC|Email to EC of Checkmk!

time: 1607341877.0

Execute active Check manually.

...

Versions Compared

Old Version 61

New Version 62

Key

Forward emails as events to Event Console

Forwarding Method

Only process mails with matching subject

Events: Syslog facility

Events: Hostname

Limit the length of the mail body.

Cleanup messages

Execute active Check manually.